By: Carl Mazzanti, President, eMazzanti Technologies
What’s happening in Ukraine continues to grab the world’s attention — but while the military action and personal injury rightfully draw most of that attention, U.S. business owners and individuals should also consider the potential cyber risk spillover for their businesses.
Even before the U.S. and Russia resumed their Cold War confrontation over the invasion of Ukraine, businesses faced a higher risk from state-sponsored attackers, underscoring the need for companies of all sizes to maintain robust cloud security services. Now, with reports of increased hacking activity targeting U.S. companies of all sizes, many business owners are still unaware of the need to take their security systems to a new level with affordable SIEM (Security Event Monitoring) programs and responses.
SIEM programs continuously review important hardware and software logs in real time and flag suspicious activity for you. Working from these logs, most SIEM tools use artificial intelligence (AI) to filter out the noise in a way that only computers can, and to focus on the most important events. The holy grail of a good IT service management or SIEM service provider is that, when authorized or enabled, the service will also initiate an instant response designed to protect your identity and digital assets.
The SIEM response package is part of the “triangle” of cybersecurity solutions that make up the must-have approach to cybersecurity. The first “leg” consists of preventive controls — and luckily, almost everyone has them: keeping software patches up to date, having a good antivirus program and an effective firewall, and using multi-factor authentication.
The second “leg” is a detection tool, such as a SIEM or a full-time Security Operations Center. This integrated network automation response package elevates defenses to the highest level by monitoring devices and systems and alerting users about them; when elected, it can also initiate real-time responses to eliminate or mitigate malicious behavior by bad actors.
The third “leg” consists of strong recovery controls, such as strong backups – ideally isolated from the rest of the system in the event of an infection – which can act as a kind of failsafe.
Most business owners just want to run their business, grow it, and serve customers—they did not sign up to be warriors on the digital battlefield. But as we’ve seen from past mass hacks, companies can no longer remain neutral. Like it or not, bad actors see us all as legitimate targets. Unfortunately, the threat could get worse as the global situation heats up.
Carl Mazzanti is President of eMazzanti Technologies, a company specializing in cyber security